<?php
session_start();
//If your session isn't valid, it returns you to the login screen for protection
if(empty($_SESSION['myusername'])){
 header("location:main_login.php");
}
//echo $_SESSION['myusername'];
if(empty($_SESSION['seedval'])){
 header("location:main_login.php");
}

if($_SESSION['seedval'] != $_GET['id']){
	echo "Security breakage!";
	header("location:main_login.php");
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<link href="default.css" rel="stylesheet" type="text/css" />
        <title>Update Form</title>
</head>
<body>
<div id="fulladmin">
<?php
/*
if (! isset($_GET['page'])){
		//get field search
		$find_val = strip_tags($_POST['find']);
		$find_val = trim($find_val);
		
		$field_val = strip_tags($_POST['field']);
		$_SESSION['sql_script'] = "SELECT * FROM casereferred WHERE upper($field_val) LIKE'%$find_val%'";
	}		
	
		$sql_script = $_SESSION['sql_script'];
		//echo $sql_script;
	*/
/* 
        VIEW-PAGINATED.PHP
        Displays all data from 'players' table
        This is a modified version of admin.php that includes pagination
*/

        // connect to the database
        include('connect-db.php');
        
		if (isset($_POST['submit'])){
		    $filter = $_POST['caseno'];
			//echo $filter;
			$sql_script = "SELECT * FROM casereferred WHERE CaseNo = '$filter'";
		}
		else
		    $sql_script = "SELECT * FROM casereferred ORDER BY CaseNo ASC;";
		
        // number of results to show per page
        $per_page = 5;
        
        // figure out the total pages in the database
        $result = mysql_query($sql_script);
        $total_results = mysql_num_rows($result);
        $total_pages = ceil($total_results / $per_page);

        // check if the 'page' variable is set in the URL (ex: view-paginated.php?page=1)
        if (isset($_GET['page']) && is_numeric($_GET['page']))
        {
                $show_page = $_GET['page'];
                
                // make sure the $show_page value is valid
                if ($show_page > 0 && $show_page <= $total_pages)
                {
                        $start = ($show_page -1) * $per_page;
                        $end = $start + $per_page; 
                }
                else
                {
                        // error - show first set of results
                        $start = 0;
                        $end = $per_page; 
                }               
        }
        else
        {
                // if page isn't set, show first set of results
                $start = 0;
                $end = $per_page; 
        }
        
        // display pagination
        echo "<div id='adminleft'>";
        echo "<p><b>View Page:</b> ";
		$seedval = $_SESSION['seedval'];
        for ($i = 1; $i <= $total_pages; $i++)
        {				
                echo "<a href='updatecase.php?id=$seedval&page=$i'>$i</a> ";
        }
        echo "</p>";
        echo "</div>";        
        // display data in table
		echo "<div id='adminright'>";
		echo "<center><h1>Update Case</h1><br>";
        echo "<table border='0' cellpadding='10'>";
		echo '<form action="" method="post">';
		echo '<tr><td> Filter Case:</td><td><input type="text" name="caseno" /></td><td><input type="submit" name="submit" value="Submit"></td></tr>';
		echo '</form></table>';
		echo "<table border='1' cellpadding='10'>";
        echo "<tr> <th>Case No</th> <th>Plaintiff Name</th> <th>Defendant Name</th> </tr>";
		
	
		if($total_pages == 0){
			// close table>
			echo "</table><br>";
			echo "<center>No seach found</center>";
		}
		else{
        // loop through results of database query, displaying them in the table 
			for ($i = $start; $i < $end; $i++)
			{
                // make sure that PHP doesn't try to show results that don't exist
                if ($i == $total_results) { break; }
        
                // echo out the contents of each row into a table
                echo "<tr>";
                echo '<td><strong><a href="update_frm.php?code='. mysql_result($result, $i, 'ControlNo') . '&id='.$seedval.'&case='. mysql_result($result, $i, 'CaseNo') .'">'. mysql_result($result, $i, 'CaseNo') . '</a></strong></td>';
                //echo '<td>' . mysql_result($result, $i, 'caseTitle') . '</td>';
                echo '<td><strong><a href="update_frm.php?code='. mysql_result($result, $i, 'ControlNo') . '&id='.$seedval.'&case='. mysql_result($result, $i, 'CaseNo') .'">' . mysql_result($result, $i, 'plaintiffName') . '</a></strong></td>';
				echo '<td><strong><a href="update_frm.php?code='. mysql_result($result, $i, 'ControlNo') . '&id='.$seedval.'&case='. mysql_result($result, $i, 'CaseNo') .'">' . mysql_result($result, $i, 'defendantName') . '</a></strong></td>';
				//$seedval = $_SESSION['seedval'];
                //echo '<td><strong><a href="update_frm.php?code=' . mysql_result($result, $i, 'ControlNo') . '&id='.$seedval.'&case='. mysql_result($result, $i, 'CaseNo') .'">Update</a></strong></td>';
                echo "</tr>"; 
			}
			// close table>
			echo "</table>"; 
		}


?>
</div>
</div>
<div id="footer"><center></a>Return to main <a href="dashboard.php"><font color="red">Dashboard</font></a>, or you can <a href="log_out.php?id=<?php echo $_SESSION['userid']; ?>"><font color="red">Log Out</font></a></center></div>

</body>
</html>